Commit Graph
23 Commits
Author SHA1 Message Date
2f8e1604f8 Fix review request number and add more tests (#27104)
fix #27019 
## testfixture yml
1. add issue20(a pr issue) in repo 23, org 17
2. add user15 to team 9
3. add four reviews about issue20
## test case
add two tests that are described with code comments
the code before pr #26784 failed the first test
<img width="479" alt="image"
src="https://github.com/go-gitea/gitea/assets/70063547/1d9b5787-11b4-4c4d-931f-6a9869547f35">
current code failed the second test(as mentioned in #27019)
<img width="484" alt="image"
src="https://github.com/go-gitea/gitea/assets/70063547/05608055-7587-43d1-bae1-92c688270819">
Any advice is appreciated.

---------

Co-authored-by: CaiCandong <[email protected]>
Co-authored-by: Giteabot <[email protected]>
2023-09-21 13:59:50 +02:00
321383db22 Revert package access change from #23879 (#25707)
Fixes (?) #25538
Fixes https://codeberg.org/forgejo/forgejo/issues/972

Regression #23879

#23879 introduced a change which prevents read access to packages if a
user is not a member of an organization.

That PR also contained a change which disallows package access if the
team unit is configured with "no access" for packages. I don't think
this change makes sense (at the moment). It may be relevant for private
orgs. But for public or limited orgs that's useless because an
unauthorized user would have more access rights than the team member.
This PR restores the old behaviour "If a user has read access for an
owner, they can read packages".

---------

Co-authored-by: Giteabot <[email protected]>
2023-07-09 13:00:07 +00:00
bbf83f5d4b Improve permission check of packages (#23879)
At first, we have one unified team unit permission which is called
`Team.Authorize` in DB.
But since https://github.com/go-gitea/gitea/pull/17811, we allowed
different units to have different permission.

The old code is only designed for the old version. So after #17811, if
org users have write permission of other units, but have no permission
of packages, they can also get write permission of packages.

Co-authored-by: delvh <[email protected]>
2023-04-06 22:18:29 +08:00
yp05327andGitHub 6864583957 Add default owner team to privated_org and limited_org in unit test (#23109)
Related to https://github.com/go-gitea/gitea/pull/22705 's CI result
[here](https://drone.gitea.io/go-gitea/gitea/68043/2/16)
> IsOrganizationOwner() [E] [63f61849-7] Organization does not have
owner team: 23
2023-03-04 19:23:51 +00:00
1b53a9e914 Don't return duplicated users who can create org repo (#22560)
- Currently the function `GetUsersWhoCanCreateOrgRepo` uses a query that
is able to have duplicated users in the result, this is can happen under
the condition that a user is in team that either is the owner team or
has permission to create organization repositories.
- Add test code to simulate the above condition for user 3,
[`TestGetUsersWhoCanCreateOrgRepo`](https://github.com/go-gitea/gitea/blob/a1fcb1cfb84fd6b36c8fe9fd56588119fa4377bc/models/organization/org_test.go#L435)
is the test function that tests for this.
- The fix is quite trivial use a map keyed by user id in order to drop
duplicates.

---------

Co-authored-by: Lunny Xiao <[email protected]>
2023-01-30 18:12:45 +08:00
a577214760 Add some api integration tests (#18872)
depends on #18871

Added some api integration tests to help testing of #18798.

Co-authored-by: Lunny Xiao <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
Co-authored-by: zeripath <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
2022-10-18 00:23:27 +08:00
1b630ff7cd Fix user visible check (#21210)
Fixes #21206

If user and viewer are equal the method should return true.
Also the common organization check was wrong as `count` can never be
less then 0.

Co-authored-by: 6543 <[email protected]>
Co-authored-by: Lunny Xiao <[email protected]>
2022-09-20 15:59:20 +08:00
b06b9a056c Move organization related structs into sub package (#18518)
* Move organization related structs into sub package

* Fix test

* Fix lint

* Move more functions into sub packages

* Fix bug

* Fix test

* Update models/organization/team_repo.go

Co-authored-by: KN4CK3R <[email protected]>

* Apply suggestions from code review

Co-authored-by: KN4CK3R <[email protected]>

* Fix fmt

* Follow suggestion from @Gusted

* Fix test

* Fix test

* Fix bug

* Use ctx but db.DefaultContext on routers

* Fix bug

* Fix bug

* fix bug

* Update models/organization/team_user.go

* Fix bug

Co-authored-by: KN4CK3R <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
2022-03-29 14:29:02 +08:00
1751d5fcf2 Restricted users (#6274)
* Restricted users (#4334): initial implementation

* Add User.IsRestricted & UI to edit it

* Pass user object instead of user id to places where IsRestricted flag matters

* Restricted users: maintain access rows for all referenced repos (incl public)

* Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses

* Add basic repo access tests for restricted users

Signed-off-by: Manush Dodunekov <[email protected]>

* Mention restricted users in the faq

Signed-off-by: Manush Dodunekov <[email protected]>

* Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg`

Signed-off-by: Manush Dodunekov <[email protected]>

* Remove unnecessary `org.IsOrganization()` call

Signed-off-by: Manush Dodunekov <[email protected]>

* Revert to an `int64` keyed `accessMap`

* Add type `userAccess`
* Add convenience func updateUserAccess()
* Turn accessMap into a `map[int64]userAccess`

Signed-off-by: Manush Dodunekov <[email protected]>

* or even better: `map[int64]*userAccess`

* updateUserAccess(): use tighter syntax as suggested by lafriks

* even tighter

* Avoid extra loop

* Don't disclose limited orgs to unauthenticated users

* Don't assume block only applies to orgs

* Use an array of `VisibleType` for filtering

* fix yet another thinko

* Ok - no need for u

* Revert "Ok - no need for u"

This reverts commit 5c3e886aabd5acd997a3b35687d322439732c200.

Co-authored-by: Antoine GIRARD <[email protected]>
Co-authored-by: Lauris BH <[email protected]>
2020-01-13 18:33:46 +01:00
David SvantessonandLunny Xiao 69a255defb Team permission to create repository in organization (#8312)
* Add team permission setting to allow creating repo in organization.

Signed-off-by: David Svantesson <[email protected]>

* Add test case for creating repo when have team creation access.

Signed-off-by: David Svantesson <[email protected]>

* build error: should omit comparison to bool constant

Signed-off-by: David Svantesson <[email protected]>

* Add comment on exported functions

* Fix fixture consistency, fix existing unit tests

* Fix boolean comparison in xorm query.

* addCollaborator and changeCollaborationAccessMode separate steps

More clear to use different if-cases.

* Create and commit xorm session

* fix

* Add information of create repo permission in team sidebar

* Add migration step

* Clarify that repository creator will be administrator.

* Fix some things after merge

* Fix language text that use html

* migrations file

* Create repository permission -> Create repositories

* fix merge

* fix review comments
2019-11-20 19:27:49 +08:00
David SvantessonandLauris BH a0e88dfc2e Add teams to repo on collaboration page. (#8045)
* Add teams to repo on collaboration page.

Signed-off-by: David Svantesson <[email protected]>

* Add option for repository admins to change teams access to repo.

Signed-off-by: David Svantesson <[email protected]>

* Add comment for functions

Signed-off-by: David Svantesson <[email protected]>

* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.

Signed-off-by: David Svantesson <[email protected]>

* Make proper language strings and fix error redirection.

* Add unit tests for adding and deleting team from repository.

Signed-off-by: David Svantesson <[email protected]>

* Add database migration

Signed-off-by: David Svantesson <[email protected]>

* Fix redirect

Signed-off-by: David Svantesson <[email protected]>

* Fix locale string mismatch.

Signed-off-by: David Svantesson <[email protected]>

* Move team access mode text logic to template.

* Move collaborator access mode text logic to template.
2019-09-23 23:08:03 +03:00
Antoine GIRARDandtechknowlogick 76408d50fb org/members: display 2FA members states + optimize sql requests (#7621)
* org/members: display 2FA state

* fix comment typo

* lay down UserList bases

* add basic test for previous methods

* add comment for UserList type

* add valid two-fa account

* test new UserList methods

* optimize MembersIsPublic by side loading info on GetMembers + fix integrations tests

* respect fmt rules

* use map for data

* Optimize GetTwoFaStatus

* rewrite by using existing sub func

* Optimize IsUserOrgOwner

* remove un-used code

* tests: cover empty org + fix import order

* tests: add ErrTeamNotExist path

* tests: fix wrong expected result
2019-08-02 12:06:27 -04:00
Lunny XiaoandGitHub eabbddcd98 Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
David Schneiderbauerandtechknowlogick 0b3ea42847 hide issues from org private repos w/o team assignment (#4034) 2018-06-21 12:00:13 -04:00
MorlinestandLauris BH ddb7f59ef4 Add search mode option to /api/repo/search (#2756)
* Add repo type option to /api/repo/search

* Add tests and fix result of collaborative filter in specific condition

* Fix/optimize search & tests

* Improve integration tests

* Fix lint errors

* Fix unit tests

* Change and improve internal implementation of repo search

* Use NonexistentID

* Make search api more general

* Change mirror and fork search behaviour

* Fix tests & typo in comment
2017-10-27 00:16:13 +03:00
MorlinestandLunny Xiao ccd3577970 Fix repository search function (#2689)
* Fix and remove FIXME

* Respect membership visibility

* Fix/rewrite searchRepositoryByName function

* Add unit tests

* Add integration tests

* Remove Searcher completely

* Remove trailing space
2017-10-17 23:20:22 +08:00
MorlinestandLauris BH ca68a75b5b Expand fixtures (#2571)
* Add more repo search tests

* Add and fix /api/repo/search integration tests

* Add owner to access table for organization repositories

* Remove tests
2017-09-22 13:51:16 +03:00
Lauris BHandLunny Xiao f33e6ae09e Remove unit types commits and settings (#2161)
* Remove unit types commits and settings

* Can not limit units in administrator teams

* Limit changing units only to teams with read and write access mode

* Small code optimization
2017-07-17 10:04:43 +08:00
Lunny XiaoandGitHub fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Ethan KoenigandLunny Xiao 4f3880ff15 Bug fixes and unit tests for org_team (#1016) 2017-02-23 09:36:15 +08:00
Ethan Koenig 5972aa9af3 Fix inconsistencies in test fixtures 2017-02-04 11:01:06 -05:00
Ethan Koenig a2412492da Unit tests and bug fix for models/org 2017-01-27 12:24:06 -05:00
Ethan KoenigandLunny Xiao 6072b03291 Unit tests for models/access.go (#606) 2017-01-08 11:10:53 +08:00